The title says it all; my 12.04 server box will only decrypt and mount my home directory if I log in over SSH. Last night I needed some data off my server but I had left my laptop with my private keys at work. I logged in directly at the box and to my surprise my home directory was empty.

Reading up on the subject, I learned about how eCryptfs works and its directory structure. Sure enough, I found the hidden .ecryptfs and .private directories in my home folder. The .private folder appeared to contain the correct number of files and directories, but with their names obfuscated by encryption obviously. However, no matter what I tried I couldn't mount the directory. I tried:

Manually invoking 'ecryptfs-mount-private'

Use 'sudo' a few times to make sure password has been supplied

Add 'ecryptfs-mount-private' to the end of .profile

Tried 'ecryptfs-recover-private', which found my encrypted home but when mounted as RO at /tmp was empty

After a few hours I figured that my files had somehow been corrupted and lost. Nothing super important stored there, so it wasn't a huge loss, but still irritating.

This morning I get to work and on a hunch log in over SSH to my server at home. Sure enough, my files are there and intact. In other words, ecryptfs is only mounting my encrypted home over SSH.

This seems completely opposite to what I've found questions about; most people log in over SSH and then wonder why their files aren't there. I haven't done any crazy configuration, other than the necessary storage of 'authorized_keys' at /etc/ssh/[user] so sshd can read it. This box was originally set up on 11.10 and during installation I elected for encrypted home directories. The recent update to 12.04 appeared to go smoothly and I didn't notice any problems.

sshd is currently set up with:

SSH protocol 2

aes256-ctr encryption

ecdh-sha2-nistp521 key exchanges

hmac-sha2-512 message authentication

521-bit ecdsa keys for server and clients

password logins disabled

all types of forwarding/tunneling disabled

PAM disabled

I can't really detail my eCryptfs setup because I haven't changed anything there; encryption was set up with the defaults implemented by the Ubuntu installation. Any ideas?

Unless, and I just realized this, my files are actually stored in the unencrypted home folder and that's what I'm seeing over SSH. This would make it appear like what I've described above. If this is the case I'm going to feel really stupid.
– Brandon Moller, Jul 19 '12 at 16:46

1 Answer

My comment above is the correct answer. Apparently writing everything out and then reading over it made something click in my head. Should anyone else find this with a similar problem, check to see what happens when you mount and unmount your private folder with 'ecryptfs-mount-private' and 'ecryptfs-umount-private' respectively. Each should reflect as a change in files displayed in your home directory. As ecryptfs prompts, you need to cd to /home/my_user to see the change reflected.

In my case to "fix" the problem I need to:

Log in over SSH as normal

Copy all contents of '~' to another location

Edit '~/.profile' to add 'ecryptfs-mount-private' at the end (prompts for password to decrypt home after successful SSH login)

Use 'ecryptfs-mount-private' to mount encrypted home

Change directory to home, even if it's the current directory (cd /home/my_user)
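The answer's check (does the home directory change when the private folder is mounted and unmounted?) can be scripted. The following is an added example, not part of the original post: it reads a mount table in /proc/mounts format to see whether the home path is an eCryptfs mount, and if not, lists entries that sit in the unencrypted directory. The function names and the allowlist of placeholder entries (taken from the default Ubuntu encrypted-home layout) are assumptions.

```shell
#!/bin/sh
# Added example: is HOME an eCryptfs mount, or are we looking at the
# unencrypted directory underneath it?
# /proc/mounts fields: device mountpoint fstype options dump pass

# home_fstype MOUNTS_FILE HOME_DIR
# Prints the fstype mounted exactly at HOME_DIR (last match wins), or nothing.
home_fstype() {
    awk -v home="$2" '{
        mp = $2
        gsub(/\\040/, " ", mp)      # the kernel escapes spaces as \040
        if (mp == home) fs = $3
    } END { if (fs != "") print fs }' "$1"
}

# home_state MOUNTS_FILE HOME_DIR -> "encrypted" or "plaintext"
home_state() {
    if [ "$(home_fstype "$1" "$2")" = "ecryptfs" ]; then
        echo encrypted
    else
        echo plaintext
    fi
}

# stray_entries HOME_DIR
# Lists entries other than the placeholders expected in an unmounted
# encrypted home (assumed allowlist: default Ubuntu layout).
stray_entries() {
    ls -A "$1" | grep -vxF -e '.ecryptfs' -e '.Private' \
        -e 'README.txt' -e 'Access-Your-Private-Data.desktop' || true
}

# audit_home MOUNTS_FILE HOME_DIR: report state and any cleartext entries.
audit_home() {
    state=$(home_state "$1" "$2")
    echo "$2: $state"
    if [ "$state" = plaintext ]; then
        stray_entries "$2" | sed 's/^/  stored unencrypted: /'
    fi
}

# Run against the live mount table when given a home directory argument.
if [ "$#" -eq 1 ]; then
    audit_home /proc/mounts "$1"
fi
```

Run it once right after an SSH login and once after 'ecryptfs-mount-private'; anything listed as stored unencrypted in the first run is what needs copying out before the mount hides it.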